diff --git a/.coveragerc b/.coveragerc
index af7e5e1..172894e 100644
--- a/.coveragerc
+++ b/.coveragerc
@@ -1,27 +1,11 @@
-# -*- coding: utf-8 -*-
-#
-# Copyright 2020 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Generated by synthtool. DO NOT EDIT!
[run]
branch = True
[report]
fail_under = 100
show_missing = True
-omit = google/cloud/accessapproval/__init__.py
+omit =
+ google/cloud/accessapproval/__init__.py
exclude_lines =
# Re-enable the standard pragma
pragma: NO COVER
diff --git a/.github/header-checker-lint.yml b/.github/header-checker-lint.yml
new file mode 100644
index 0000000..fc281c0
--- /dev/null
+++ b/.github/header-checker-lint.yml
@@ -0,0 +1,15 @@
+{"allowedCopyrightHolders": ["Google LLC"],
+ "allowedLicenses": ["Apache-2.0", "MIT", "BSD-3"],
+ "ignoreFiles": ["**/requirements.txt", "**/requirements-test.txt"],
+ "sourceFileExtensions": [
+ "ts",
+ "js",
+ "java",
+ "sh",
+ "Dockerfile",
+ "yaml",
+ "py",
+ "html",
+ "txt"
+ ]
+}
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index b9daa52..b4243ce 100644
--- a/.gitignore
+++ b/.gitignore
@@ -50,8 +50,10 @@ docs.metadata
# Virtual environment
env/
+
+# Test logs
coverage.xml
-sponge_log.xml
+*sponge_log.xml
# System test environment variables.
system_tests/local_test_setup
diff --git a/.kokoro/build.sh b/.kokoro/build.sh
index 2d28d78..b30930f 100755
--- a/.kokoro/build.sh
+++ b/.kokoro/build.sh
@@ -15,7 +15,11 @@
set -eo pipefail
-cd github/python-access-approval
+if [[ -z "${PROJECT_ROOT:-}" ]]; then
+ PROJECT_ROOT="github/python-access-approval"
+fi
+
+cd "${PROJECT_ROOT}"
# Disable buffering, so that the logs stream through.
export PYTHONUNBUFFERED=1
@@ -30,16 +34,26 @@ export GOOGLE_APPLICATION_CREDENTIALS=${KOKORO_GFILE_DIR}/service-account.json
export PROJECT_ID=$(cat "${KOKORO_GFILE_DIR}/project-id.json")
# Remove old nox
-python3.6 -m pip uninstall --yes --quiet nox-automation
+python3 -m pip uninstall --yes --quiet nox-automation
# Install nox
-python3.6 -m pip install --upgrade --quiet nox
-python3.6 -m nox --version
+python3 -m pip install --upgrade --quiet nox
+python3 -m nox --version
+
+# If this is a continuous build, send the test log to the FlakyBot.
+# See https://github.com/googleapis/repo-automation-bots/tree/master/packages/flakybot.
+if [[ $KOKORO_BUILD_ARTIFACTS_SUBDIR = *"continuous"* ]]; then
+ cleanup() {
+ chmod +x $KOKORO_GFILE_DIR/linux_amd64/flakybot
+ $KOKORO_GFILE_DIR/linux_amd64/flakybot
+ }
+ trap cleanup EXIT HUP
+fi
# If NOX_SESSION is set, it only runs the specified session,
# otherwise run all the sessions.
if [[ -n "${NOX_SESSION:-}" ]]; then
- python3.6 -m nox -s "${NOX_SESSION:-}"
+ python3 -m nox -s ${NOX_SESSION:-}
else
- python3.6 -m nox
+ python3 -m nox
fi
diff --git a/.kokoro/docs/docs-presubmit.cfg b/.kokoro/docs/docs-presubmit.cfg
index 1118107..8697748 100644
--- a/.kokoro/docs/docs-presubmit.cfg
+++ b/.kokoro/docs/docs-presubmit.cfg
@@ -15,3 +15,14 @@ env_vars: {
key: "TRAMPOLINE_IMAGE_UPLOAD"
value: "false"
}
+
+env_vars: {
+ key: "TRAMPOLINE_BUILD_FILE"
+ value: "github/python-access-approval/.kokoro/build.sh"
+}
+
+# Only run this nox session.
+env_vars: {
+ key: "NOX_SESSION"
+ value: "docs docfx"
+}
diff --git a/.kokoro/samples/python3.6/periodic-head.cfg b/.kokoro/samples/python3.6/periodic-head.cfg
new file mode 100644
index 0000000..f9cfcd3
--- /dev/null
+++ b/.kokoro/samples/python3.6/periodic-head.cfg
@@ -0,0 +1,11 @@
+# Format: //devtools/kokoro/config/proto/build.proto
+
+env_vars: {
+ key: "INSTALL_LIBRARY_FROM_SOURCE"
+ value: "True"
+}
+
+env_vars: {
+ key: "TRAMPOLINE_BUILD_FILE"
+ value: "github/python-pubsub/.kokoro/test-samples-against-head.sh"
+}
diff --git a/.kokoro/samples/python3.7/periodic-head.cfg b/.kokoro/samples/python3.7/periodic-head.cfg
new file mode 100644
index 0000000..f9cfcd3
--- /dev/null
+++ b/.kokoro/samples/python3.7/periodic-head.cfg
@@ -0,0 +1,11 @@
+# Format: //devtools/kokoro/config/proto/build.proto
+
+env_vars: {
+ key: "INSTALL_LIBRARY_FROM_SOURCE"
+ value: "True"
+}
+
+env_vars: {
+ key: "TRAMPOLINE_BUILD_FILE"
+ value: "github/python-pubsub/.kokoro/test-samples-against-head.sh"
+}
diff --git a/.kokoro/samples/python3.8/periodic-head.cfg b/.kokoro/samples/python3.8/periodic-head.cfg
new file mode 100644
index 0000000..f9cfcd3
--- /dev/null
+++ b/.kokoro/samples/python3.8/periodic-head.cfg
@@ -0,0 +1,11 @@
+# Format: //devtools/kokoro/config/proto/build.proto
+
+env_vars: {
+ key: "INSTALL_LIBRARY_FROM_SOURCE"
+ value: "True"
+}
+
+env_vars: {
+ key: "TRAMPOLINE_BUILD_FILE"
+ value: "github/python-pubsub/.kokoro/test-samples-against-head.sh"
+}
diff --git a/.kokoro/test-samples-against-head.sh b/.kokoro/test-samples-against-head.sh
new file mode 100755
index 0000000..2b574fd
--- /dev/null
+++ b/.kokoro/test-samples-against-head.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# A customized test runner for samples.
+#
+# For periodic builds, you can specify this file for testing against head.
+
+# `-e` enables the script to automatically fail when a command fails
+# `-o pipefail` sets the exit code to the rightmost comment to exit with a non-zero
+set -eo pipefail
+# Enables `**` to include files nested inside sub-folders
+shopt -s globstar
+
+cd github/python-access-approval
+
+exec .kokoro/test-samples-impl.sh
diff --git a/.kokoro/test-samples-impl.sh b/.kokoro/test-samples-impl.sh
new file mode 100755
index 0000000..cf5de74
--- /dev/null
+++ b/.kokoro/test-samples-impl.sh
@@ -0,0 +1,102 @@
+#!/bin/bash
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# `-e` enables the script to automatically fail when a command fails
+# `-o pipefail` sets the exit code to the rightmost comment to exit with a non-zero
+set -eo pipefail
+# Enables `**` to include files nested inside sub-folders
+shopt -s globstar
+
+# Exit early if samples directory doesn't exist
+if [ ! -d "./samples" ]; then
+ echo "No tests run. `./samples` not found"
+ exit 0
+fi
+
+# Disable buffering, so that the logs stream through.
+export PYTHONUNBUFFERED=1
+
+# Debug: show build environment
+env | grep KOKORO
+
+# Install nox
+python3.6 -m pip install --upgrade --quiet nox
+
+# Use secrets acessor service account to get secrets
+if [[ -f "${KOKORO_GFILE_DIR}/secrets_viewer_service_account.json" ]]; then
+ gcloud auth activate-service-account \
+ --key-file="${KOKORO_GFILE_DIR}/secrets_viewer_service_account.json" \
+ --project="cloud-devrel-kokoro-resources"
+fi
+
+# This script will create 3 files:
+# - testing/test-env.sh
+# - testing/service-account.json
+# - testing/client-secrets.json
+./scripts/decrypt-secrets.sh
+
+source ./testing/test-env.sh
+export GOOGLE_APPLICATION_CREDENTIALS=$(pwd)/testing/service-account.json
+
+# For cloud-run session, we activate the service account for gcloud sdk.
+gcloud auth activate-service-account \
+ --key-file "${GOOGLE_APPLICATION_CREDENTIALS}"
+
+export GOOGLE_CLIENT_SECRETS=$(pwd)/testing/client-secrets.json
+
+echo -e "\n******************** TESTING PROJECTS ********************"
+
+# Switch to 'fail at end' to allow all tests to complete before exiting.
+set +e
+# Use RTN to return a non-zero value if the test fails.
+RTN=0
+ROOT=$(pwd)
+# Find all requirements.txt in the samples directory (may break on whitespace).
+for file in samples/**/requirements.txt; do
+ cd "$ROOT"
+ # Navigate to the project folder.
+ file=$(dirname "$file")
+ cd "$file"
+
+ echo "------------------------------------------------------------"
+ echo "- testing $file"
+ echo "------------------------------------------------------------"
+
+ # Use nox to execute the tests for the project.
+ python3.6 -m nox -s "$RUN_TESTS_SESSION"
+ EXIT=$?
+
+ # If this is a periodic build, send the test log to the FlakyBot.
+ # See https://github.com/googleapis/repo-automation-bots/tree/master/packages/flakybot.
+ if [[ $KOKORO_BUILD_ARTIFACTS_SUBDIR = *"periodic"* ]]; then
+ chmod +x $KOKORO_GFILE_DIR/linux_amd64/flakybot
+ $KOKORO_GFILE_DIR/linux_amd64/flakybot
+ fi
+
+ if [[ $EXIT -ne 0 ]]; then
+ RTN=1
+ echo -e "\n Testing failed: Nox returned a non-zero exit code. \n"
+ else
+ echo -e "\n Testing completed.\n"
+ fi
+
+done
+cd "$ROOT"
+
+# Workaround for Kokoro permissions issue: delete secrets
+rm testing/{test-env.sh,client-secrets.json,service-account.json}
+
+exit "$RTN"
diff --git a/.kokoro/test-samples.sh b/.kokoro/test-samples.sh
index 5b21fe2..be5f6b3 100755
--- a/.kokoro/test-samples.sh
+++ b/.kokoro/test-samples.sh
@@ -13,6 +13,10 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+# The default test runner for samples.
+#
+# For periodic builds, we rewinds the repo to the latest release, and
+# run test-samples-impl.sh.
# `-e` enables the script to automatically fail when a command fails
# `-o pipefail` sets the exit code to the rightmost comment to exit with a non-zero
@@ -24,87 +28,19 @@ cd github/python-access-approval
# Run periodic samples tests at latest release
if [[ $KOKORO_BUILD_ARTIFACTS_SUBDIR = *"periodic"* ]]; then
+ # preserving the test runner implementation.
+ cp .kokoro/test-samples-impl.sh "${TMPDIR}/test-samples-impl.sh"
+ echo "--- IMPORTANT IMPORTANT IMPORTANT ---"
+ echo "Now we rewind the repo back to the latest release..."
LATEST_RELEASE=$(git describe --abbrev=0 --tags)
git checkout $LATEST_RELEASE
-fi
-
-# Exit early if samples directory doesn't exist
-if [ ! -d "./samples" ]; then
- echo "No tests run. `./samples` not found"
- exit 0
-fi
-
-# Disable buffering, so that the logs stream through.
-export PYTHONUNBUFFERED=1
-
-# Debug: show build environment
-env | grep KOKORO
-
-# Install nox
-python3.6 -m pip install --upgrade --quiet nox
-
-# Use secrets acessor service account to get secrets
-if [[ -f "${KOKORO_GFILE_DIR}/secrets_viewer_service_account.json" ]]; then
- gcloud auth activate-service-account \
- --key-file="${KOKORO_GFILE_DIR}/secrets_viewer_service_account.json" \
- --project="cloud-devrel-kokoro-resources"
-fi
-
-# This script will create 3 files:
-# - testing/test-env.sh
-# - testing/service-account.json
-# - testing/client-secrets.json
-./scripts/decrypt-secrets.sh
-
-source ./testing/test-env.sh
-export GOOGLE_APPLICATION_CREDENTIALS=$(pwd)/testing/service-account.json
-
-# For cloud-run session, we activate the service account for gcloud sdk.
-gcloud auth activate-service-account \
- --key-file "${GOOGLE_APPLICATION_CREDENTIALS}"
-
-export GOOGLE_CLIENT_SECRETS=$(pwd)/testing/client-secrets.json
-
-echo -e "\n******************** TESTING PROJECTS ********************"
-
-# Switch to 'fail at end' to allow all tests to complete before exiting.
-set +e
-# Use RTN to return a non-zero value if the test fails.
-RTN=0
-ROOT=$(pwd)
-# Find all requirements.txt in the samples directory (may break on whitespace).
-for file in samples/**/requirements.txt; do
- cd "$ROOT"
- # Navigate to the project folder.
- file=$(dirname "$file")
- cd "$file"
-
- echo "------------------------------------------------------------"
- echo "- testing $file"
- echo "------------------------------------------------------------"
-
- # Use nox to execute the tests for the project.
- python3.6 -m nox -s "$RUN_TESTS_SESSION"
- EXIT=$?
-
- # If this is a periodic build, send the test log to the FlakyBot.
- # See https://github.com/googleapis/repo-automation-bots/tree/master/packages/flakybot.
- if [[ $KOKORO_BUILD_ARTIFACTS_SUBDIR = *"periodic"* ]]; then
- chmod +x $KOKORO_GFILE_DIR/linux_amd64/flakybot
- $KOKORO_GFILE_DIR/linux_amd64/flakybot
+ echo "The current head is: "
+ echo $(git rev-parse --verify HEAD)
+ echo "--- IMPORTANT IMPORTANT IMPORTANT ---"
+ # move back the test runner implementation if there's no file.
+ if [ ! -f .kokoro/test-samples-impl.sh ]; then
+ cp "${TMPDIR}/test-samples-impl.sh" .kokoro/test-samples-impl.sh
fi
+fi
- if [[ $EXIT -ne 0 ]]; then
- RTN=1
- echo -e "\n Testing failed: Nox returned a non-zero exit code. \n"
- else
- echo -e "\n Testing completed.\n"
- fi
-
-done
-cd "$ROOT"
-
-# Workaround for Kokoro permissions issue: delete secrets
-rm testing/{test-env.sh,client-secrets.json,service-account.json}
-
-exit "$RTN"
+exec .kokoro/test-samples-impl.sh
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index a9024b1..32302e4 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -12,6 +12,6 @@ repos:
hooks:
- id: black
- repo: https://gitlab.com/pycqa/flake8
- rev: 3.8.4
+ rev: 3.9.0
hooks:
- id: flake8
diff --git a/.trampolinerc b/.trampolinerc
index 995ee29..383b6ec 100644
--- a/.trampolinerc
+++ b/.trampolinerc
@@ -24,6 +24,7 @@ required_envvars+=(
pass_down_envvars+=(
"STAGING_BUCKET"
"V2_STAGING_BUCKET"
+ "NOX_SESSION"
)
# Prevent unintentional override on the default image.
diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst
index 2550e64..c8064d0 100644
--- a/CONTRIBUTING.rst
+++ b/CONTRIBUTING.rst
@@ -70,9 +70,14 @@ We use `nox `__ to instrument our tests.
- To test your changes, run unit tests with ``nox``::
$ nox -s unit-2.7
- $ nox -s unit-3.7
+ $ nox -s unit-3.8
$ ...
+- Args to pytest can be passed through the nox command separated by a `--`. For
+ example, to run a single test::
+
+ $ nox -s unit-3.8 -- -k
+
.. note::
The unit tests and system tests are described in the
@@ -93,8 +98,12 @@ On Debian/Ubuntu::
************
Coding Style
************
+- We use the automatic code formatter ``black``. You can run it using
+ the nox session ``blacken``. This will eliminate many lint errors. Run via::
+
+ $ nox -s blacken
-- PEP8 compliance, with exceptions defined in the linter configuration.
+- PEP8 compliance is required, with exceptions defined in the linter configuration.
If you have ``nox`` installed, you can test that you have not introduced
any non-compliant code via::
@@ -133,13 +142,18 @@ Running System Tests
- To run system tests, you can execute::
- $ nox -s system-3.7
+ # Run all system tests
+ $ nox -s system-3.8
$ nox -s system-2.7
+ # Run a single system test
+ $ nox -s system-3.8 -- -k
+
+
.. note::
System tests are only configured to run under Python 2.7 and
- Python 3.7. For expediency, we do not run them in older versions
+ Python 3.8. For expediency, we do not run them in older versions
of Python 3.
This alone will not run the tests. You'll need to change some local
diff --git a/MANIFEST.in b/MANIFEST.in
index e9e29d1..e783f4c 100644
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -16,10 +16,10 @@
# Generated by synthtool. DO NOT EDIT!
include README.rst LICENSE
-recursive-include google *.json *.proto
+recursive-include google *.json *.proto py.typed
recursive-include tests *
global-exclude *.py[co]
global-exclude __pycache__
# Exclude scripts for samples readmegen
-prune scripts/readme-gen
\ No newline at end of file
+prune scripts/readme-gen
diff --git a/UPGRADING.md b/UPGRADING.md
index 366f22a..9feb5a8 100644
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -17,10 +17,10 @@ The 1.0.0 release requires Python 3.6+.
Methods expect request objects. We provide a script that will convert most common use cases.
-* Install the library
+* Install the library with `libcst`.
```py
-python3 -m pip install google-cloud-access-approval
+python3 -m pip install google-cloud-access-approval[libcst]
```
* The script `fixup_accessapproval_v1_keywords.py` is shipped with the library. It expects
diff --git a/accessapproval-v1-py.tar.gz b/accessapproval-v1-py.tar.gz
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/accessapproval_v1/access_approval.rst b/docs/accessapproval_v1/access_approval.rst
new file mode 100644
index 0000000..5b5d17d
--- /dev/null
+++ b/docs/accessapproval_v1/access_approval.rst
@@ -0,0 +1,11 @@
+AccessApproval
+--------------------------------
+
+.. automodule:: google.cloud.accessapproval_v1.services.access_approval
+ :members:
+ :inherited-members:
+
+
+.. automodule:: google.cloud.accessapproval_v1.services.access_approval.pagers
+ :members:
+ :inherited-members:
diff --git a/docs/accessapproval_v1/services.rst b/docs/accessapproval_v1/services.rst
index f83a517..c3f908c 100644
--- a/docs/accessapproval_v1/services.rst
+++ b/docs/accessapproval_v1/services.rst
@@ -1,6 +1,6 @@
Services for Google Cloud Accessapproval v1 API
===============================================
+.. toctree::
+ :maxdepth: 2
-.. automodule:: google.cloud.accessapproval_v1.services.access_approval
- :members:
- :inherited-members:
+ access_approval
diff --git a/docs/accessapproval_v1/types.rst b/docs/accessapproval_v1/types.rst
index 4876adf..684d364 100644
--- a/docs/accessapproval_v1/types.rst
+++ b/docs/accessapproval_v1/types.rst
@@ -3,4 +3,5 @@ Types for Google Cloud Accessapproval v1 API
.. automodule:: google.cloud.accessapproval_v1.types
:members:
+ :undoc-members:
:show-inheritance:
diff --git a/google/cloud/accessapproval_v1/services/access_approval/async_client.py b/google/cloud/accessapproval_v1/services/access_approval/async_client.py
index 657df52..3e8171e 100644
--- a/google/cloud/accessapproval_v1/services/access_approval/async_client.py
+++ b/google/cloud/accessapproval_v1/services/access_approval/async_client.py
@@ -110,7 +110,36 @@ class AccessApprovalAsyncClient:
AccessApprovalClient.parse_common_location_path
)
- from_service_account_file = AccessApprovalClient.from_service_account_file
+ @classmethod
+ def from_service_account_info(cls, info: dict, *args, **kwargs):
+ """Creates an instance of this client using the provided credentials info.
+
+ Args:
+ info (dict): The service account private key info.
+ args: Additional arguments to pass to the constructor.
+ kwargs: Additional arguments to pass to the constructor.
+
+ Returns:
+ AccessApprovalAsyncClient: The constructed client.
+ """
+ return AccessApprovalClient.from_service_account_info.__func__(AccessApprovalAsyncClient, info, *args, **kwargs) # type: ignore
+
+ @classmethod
+ def from_service_account_file(cls, filename: str, *args, **kwargs):
+ """Creates an instance of this client using the provided credentials
+ file.
+
+ Args:
+ filename (str): The path to the service account private key json
+ file.
+ args: Additional arguments to pass to the constructor.
+ kwargs: Additional arguments to pass to the constructor.
+
+ Returns:
+ AccessApprovalAsyncClient: The constructed client.
+ """
+ return AccessApprovalClient.from_service_account_file.__func__(AccessApprovalAsyncClient, filename, *args, **kwargs) # type: ignore
+
from_service_account_json = from_service_account_file
@property
@@ -189,12 +218,13 @@ async def list_approval_requests(
order is reverse chronological.
Args:
- request (:class:`~.accessapproval.ListApprovalRequestsMessage`):
+ request (:class:`google.cloud.accessapproval_v1.types.ListApprovalRequestsMessage`):
The request object. Request to list approval requests.
parent (:class:`str`):
The parent resource. This may be
"projects/{project_id}", "folders/{folder_id}", or
"organizations/{organization_id}".
+
This corresponds to the ``parent`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
@@ -206,7 +236,7 @@ async def list_approval_requests(
sent along with the request as metadata.
Returns:
- ~.pagers.ListApprovalRequestsAsyncPager:
+ google.cloud.accessapproval_v1.services.access_approval.pagers.ListApprovalRequestsAsyncPager:
Response to listing of
ApprovalRequest objects.
Iterating over this object will yield
@@ -241,6 +271,7 @@ async def list_approval_requests(
maximum=60.0,
multiplier=1.3,
predicate=retries.if_exception_type(exceptions.ServiceUnavailable,),
+ deadline=600.0,
),
default_timeout=600.0,
client_info=DEFAULT_CLIENT_INFO,
@@ -277,11 +308,12 @@ async def get_approval_request(
not exist.
Args:
- request (:class:`~.accessapproval.GetApprovalRequestMessage`):
+ request (:class:`google.cloud.accessapproval_v1.types.GetApprovalRequestMessage`):
The request object. Request to get an approval request.
name (:class:`str`):
Name of the approval request to
retrieve.
+
This corresponds to the ``name`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
@@ -293,7 +325,7 @@ async def get_approval_request(
sent along with the request as metadata.
Returns:
- ~.accessapproval.ApprovalRequest:
+ google.cloud.accessapproval_v1.types.ApprovalRequest:
A request for the customer to approve
access to a resource.
@@ -325,6 +357,7 @@ async def get_approval_request(
maximum=60.0,
multiplier=1.3,
predicate=retries.if_exception_type(exceptions.ServiceUnavailable,),
+ deadline=600.0,
),
default_timeout=600.0,
client_info=DEFAULT_CLIENT_INFO,
@@ -357,7 +390,7 @@ async def approve_approval_request(
pending state.
Args:
- request (:class:`~.accessapproval.ApproveApprovalRequestMessage`):
+ request (:class:`google.cloud.accessapproval_v1.types.ApproveApprovalRequestMessage`):
The request object. Request to approve an
ApprovalRequest.
@@ -368,7 +401,7 @@ async def approve_approval_request(
sent along with the request as metadata.
Returns:
- ~.accessapproval.ApprovalRequest:
+ google.cloud.accessapproval_v1.types.ApprovalRequest:
A request for the customer to approve
access to a resource.
@@ -417,7 +450,7 @@ async def dismiss_approval_request(
a pending state.
Args:
- request (:class:`~.accessapproval.DismissApprovalRequestMessage`):
+ request (:class:`google.cloud.accessapproval_v1.types.DismissApprovalRequestMessage`):
The request object. Request to dismiss an approval
request.
@@ -428,7 +461,7 @@ async def dismiss_approval_request(
sent along with the request as metadata.
Returns:
- ~.accessapproval.ApprovalRequest:
+ google.cloud.accessapproval_v1.types.ApprovalRequest:
A request for the customer to approve
access to a resource.
@@ -470,12 +503,13 @@ async def get_access_approval_settings(
or organization.
Args:
- request (:class:`~.accessapproval.GetAccessApprovalSettingsMessage`):
+ request (:class:`google.cloud.accessapproval_v1.types.GetAccessApprovalSettingsMessage`):
The request object. Request to get access approval
settings.
name (:class:`str`):
Name of the AccessApprovalSettings to
retrieve.
+
This corresponds to the ``name`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
@@ -487,7 +521,7 @@ async def get_access_approval_settings(
sent along with the request as metadata.
Returns:
- ~.accessapproval.AccessApprovalSettings:
+ google.cloud.accessapproval_v1.types.AccessApprovalSettings:
Settings on a
Project/Folder/Organization related to
Access Approval.
@@ -520,6 +554,7 @@ async def get_access_approval_settings(
maximum=60.0,
multiplier=1.3,
predicate=retries.if_exception_type(exceptions.ServiceUnavailable,),
+ deadline=600.0,
),
default_timeout=600.0,
client_info=DEFAULT_CLIENT_INFO,
@@ -552,15 +587,15 @@ async def update_access_approval_settings(
field_mask.
Args:
- request (:class:`~.accessapproval.UpdateAccessApprovalSettingsMessage`):
+ request (:class:`google.cloud.accessapproval_v1.types.UpdateAccessApprovalSettingsMessage`):
The request object. Request to update access approval
settings.
- settings (:class:`~.accessapproval.AccessApprovalSettings`):
+ settings (:class:`google.cloud.accessapproval_v1.types.AccessApprovalSettings`):
The new AccessApprovalSettings.
This corresponds to the ``settings`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
- update_mask (:class:`~.field_mask.FieldMask`):
+ update_mask (:class:`google.protobuf.field_mask_pb2.FieldMask`):
The update mask applies to the settings. Only the top
level fields of AccessApprovalSettings
(notification_emails & enrolled_services) are supported.
@@ -572,6 +607,7 @@ async def update_access_approval_settings(
https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
If this field is left unset, only the
notification_emails field will be updated.
+
This corresponds to the ``update_mask`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
@@ -583,7 +619,7 @@ async def update_access_approval_settings(
sent along with the request as metadata.
Returns:
- ~.accessapproval.AccessApprovalSettings:
+ google.cloud.accessapproval_v1.types.AccessApprovalSettings:
Settings on a
Project/Folder/Organization related to
Access Approval.
@@ -650,12 +686,13 @@ async def delete_access_approval_settings(
inherited.
Args:
- request (:class:`~.accessapproval.DeleteAccessApprovalSettingsMessage`):
+ request (:class:`google.cloud.accessapproval_v1.types.DeleteAccessApprovalSettingsMessage`):
The request object. Request to delete access approval
settings.
name (:class:`str`):
Name of the AccessApprovalSettings to
delete.
+
This corresponds to the ``name`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
diff --git a/google/cloud/accessapproval_v1/services/access_approval/client.py b/google/cloud/accessapproval_v1/services/access_approval/client.py
index 6bac823..c5f2900 100644
--- a/google/cloud/accessapproval_v1/services/access_approval/client.py
+++ b/google/cloud/accessapproval_v1/services/access_approval/client.py
@@ -147,6 +147,22 @@ def _get_default_mtls_endpoint(api_endpoint):
DEFAULT_ENDPOINT
)
+ @classmethod
+ def from_service_account_info(cls, info: dict, *args, **kwargs):
+ """Creates an instance of this client using the provided credentials info.
+
+ Args:
+ info (dict): The service account private key info.
+ args: Additional arguments to pass to the constructor.
+ kwargs: Additional arguments to pass to the constructor.
+
+ Returns:
+ AccessApprovalClient: The constructed client.
+ """
+ credentials = service_account.Credentials.from_service_account_info(info)
+ kwargs["credentials"] = credentials
+ return cls(*args, **kwargs)
+
@classmethod
def from_service_account_file(cls, filename: str, *args, **kwargs):
"""Creates an instance of this client using the provided credentials
@@ -159,7 +175,7 @@ def from_service_account_file(cls, filename: str, *args, **kwargs):
kwargs: Additional arguments to pass to the constructor.
Returns:
- {@api.name}: The constructed client.
+ AccessApprovalClient: The constructed client.
"""
credentials = service_account.Credentials.from_service_account_file(filename)
kwargs["credentials"] = credentials
@@ -251,10 +267,10 @@ def __init__(
credentials identify the application to the service; if none
are specified, the client will attempt to ascertain the
credentials from the environment.
- transport (Union[str, ~.AccessApprovalTransport]): The
+ transport (Union[str, AccessApprovalTransport]): The
transport to use. If set to None, a transport is chosen
automatically.
- client_options (client_options_lib.ClientOptions): Custom options for the
+ client_options (google.api_core.client_options.ClientOptions): Custom options for the
client. It won't take effect if a ``transport`` instance is provided.
(1) The ``api_endpoint`` property can be used to override the
default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT
@@ -290,21 +306,17 @@ def __init__(
util.strtobool(os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false"))
)
- ssl_credentials = None
+ client_cert_source_func = None
is_mtls = False
if use_client_cert:
if client_options.client_cert_source:
- import grpc # type: ignore
-
- cert, key = client_options.client_cert_source()
- ssl_credentials = grpc.ssl_channel_credentials(
- certificate_chain=cert, private_key=key
- )
is_mtls = True
+ client_cert_source_func = client_options.client_cert_source
else:
- creds = SslCredentials()
- is_mtls = creds.is_mtls
- ssl_credentials = creds.ssl_credentials if is_mtls else None
+ is_mtls = mtls.has_default_client_cert_source()
+ client_cert_source_func = (
+ mtls.default_client_cert_source() if is_mtls else None
+ )
# Figure out which api endpoint to use.
if client_options.api_endpoint is not None:
@@ -347,7 +359,7 @@ def __init__(
credentials_file=client_options.credentials_file,
host=api_endpoint,
scopes=client_options.scopes,
- ssl_channel_credentials=ssl_credentials,
+ client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
)
@@ -367,12 +379,13 @@ def list_approval_requests(
order is reverse chronological.
Args:
- request (:class:`~.accessapproval.ListApprovalRequestsMessage`):
+ request (google.cloud.accessapproval_v1.types.ListApprovalRequestsMessage):
The request object. Request to list approval requests.
- parent (:class:`str`):
+ parent (str):
The parent resource. This may be
"projects/{project_id}", "folders/{folder_id}", or
"organizations/{organization_id}".
+
This corresponds to the ``parent`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
@@ -384,7 +397,7 @@ def list_approval_requests(
sent along with the request as metadata.
Returns:
- ~.pagers.ListApprovalRequestsPager:
+ google.cloud.accessapproval_v1.services.access_approval.pagers.ListApprovalRequestsPager:
Response to listing of
ApprovalRequest objects.
Iterating over this object will yield
@@ -450,11 +463,12 @@ def get_approval_request(
not exist.
Args:
- request (:class:`~.accessapproval.GetApprovalRequestMessage`):
+ request (google.cloud.accessapproval_v1.types.GetApprovalRequestMessage):
The request object. Request to get an approval request.
- name (:class:`str`):
+ name (str):
Name of the approval request to
retrieve.
+
This corresponds to the ``name`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
@@ -466,7 +480,7 @@ def get_approval_request(
sent along with the request as metadata.
Returns:
- ~.accessapproval.ApprovalRequest:
+ google.cloud.accessapproval_v1.types.ApprovalRequest:
A request for the customer to approve
access to a resource.
@@ -525,7 +539,7 @@ def approve_approval_request(
pending state.
Args:
- request (:class:`~.accessapproval.ApproveApprovalRequestMessage`):
+ request (google.cloud.accessapproval_v1.types.ApproveApprovalRequestMessage):
The request object. Request to approve an
ApprovalRequest.
@@ -536,7 +550,7 @@ def approve_approval_request(
sent along with the request as metadata.
Returns:
- ~.accessapproval.ApprovalRequest:
+ google.cloud.accessapproval_v1.types.ApprovalRequest:
A request for the customer to approve
access to a resource.
@@ -586,7 +600,7 @@ def dismiss_approval_request(
a pending state.
Args:
- request (:class:`~.accessapproval.DismissApprovalRequestMessage`):
+ request (google.cloud.accessapproval_v1.types.DismissApprovalRequestMessage):
The request object. Request to dismiss an approval
request.
@@ -597,7 +611,7 @@ def dismiss_approval_request(
sent along with the request as metadata.
Returns:
- ~.accessapproval.ApprovalRequest:
+ google.cloud.accessapproval_v1.types.ApprovalRequest:
A request for the customer to approve
access to a resource.
@@ -640,12 +654,13 @@ def get_access_approval_settings(
or organization.
Args:
- request (:class:`~.accessapproval.GetAccessApprovalSettingsMessage`):
+ request (google.cloud.accessapproval_v1.types.GetAccessApprovalSettingsMessage):
The request object. Request to get access approval
settings.
- name (:class:`str`):
+ name (str):
Name of the AccessApprovalSettings to
retrieve.
+
This corresponds to the ``name`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
@@ -657,7 +672,7 @@ def get_access_approval_settings(
sent along with the request as metadata.
Returns:
- ~.accessapproval.AccessApprovalSettings:
+ google.cloud.accessapproval_v1.types.AccessApprovalSettings:
Settings on a
Project/Folder/Organization related to
Access Approval.
@@ -719,15 +734,15 @@ def update_access_approval_settings(
field_mask.
Args:
- request (:class:`~.accessapproval.UpdateAccessApprovalSettingsMessage`):
+ request (google.cloud.accessapproval_v1.types.UpdateAccessApprovalSettingsMessage):
The request object. Request to update access approval
settings.
- settings (:class:`~.accessapproval.AccessApprovalSettings`):
+ settings (google.cloud.accessapproval_v1.types.AccessApprovalSettings):
The new AccessApprovalSettings.
This corresponds to the ``settings`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
- update_mask (:class:`~.field_mask.FieldMask`):
+ update_mask (google.protobuf.field_mask_pb2.FieldMask):
The update mask applies to the settings. Only the top
level fields of AccessApprovalSettings
(notification_emails & enrolled_services) are supported.
@@ -739,6 +754,7 @@ def update_access_approval_settings(
https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
If this field is left unset, only the
notification_emails field will be updated.
+
This corresponds to the ``update_mask`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
@@ -750,7 +766,7 @@ def update_access_approval_settings(
sent along with the request as metadata.
Returns:
- ~.accessapproval.AccessApprovalSettings:
+ google.cloud.accessapproval_v1.types.AccessApprovalSettings:
Settings on a
Project/Folder/Organization related to
Access Approval.
@@ -820,12 +836,13 @@ def delete_access_approval_settings(
inherited.
Args:
- request (:class:`~.accessapproval.DeleteAccessApprovalSettingsMessage`):
+ request (google.cloud.accessapproval_v1.types.DeleteAccessApprovalSettingsMessage):
The request object. Request to delete access approval
settings.
- name (:class:`str`):
+ name (str):
Name of the AccessApprovalSettings to
delete.
+
This corresponds to the ``name`` field
on the ``request`` instance; if ``request`` is provided, this
should not be set.
diff --git a/google/cloud/accessapproval_v1/services/access_approval/pagers.py b/google/cloud/accessapproval_v1/services/access_approval/pagers.py
index 09f1aa2..965329e 100644
--- a/google/cloud/accessapproval_v1/services/access_approval/pagers.py
+++ b/google/cloud/accessapproval_v1/services/access_approval/pagers.py
@@ -15,7 +15,16 @@
# limitations under the License.
#
-from typing import Any, AsyncIterable, Awaitable, Callable, Iterable, Sequence, Tuple
+from typing import (
+ Any,
+ AsyncIterable,
+ Awaitable,
+ Callable,
+ Iterable,
+ Sequence,
+ Tuple,
+ Optional,
+)
from google.cloud.accessapproval_v1.types import accessapproval
@@ -24,7 +33,7 @@ class ListApprovalRequestsPager:
"""A pager for iterating through ``list_approval_requests`` requests.
This class thinly wraps an initial
- :class:`~.accessapproval.ListApprovalRequestsResponse` object, and
+ :class:`google.cloud.accessapproval_v1.types.ListApprovalRequestsResponse` object, and
provides an ``__iter__`` method to iterate through its
``approval_requests`` field.
@@ -33,7 +42,7 @@ class ListApprovalRequestsPager:
through the ``approval_requests`` field on the
corresponding responses.
- All the usual :class:`~.accessapproval.ListApprovalRequestsResponse`
+ All the usual :class:`google.cloud.accessapproval_v1.types.ListApprovalRequestsResponse`
attributes are available on the pager. If multiple requests are made, only
the most recent response is retained, and thus used for attribute lookup.
"""
@@ -51,9 +60,9 @@ def __init__(
Args:
method (Callable): The method that was originally called, and
which instantiated this pager.
- request (:class:`~.accessapproval.ListApprovalRequestsMessage`):
+ request (google.cloud.accessapproval_v1.types.ListApprovalRequestsMessage):
The initial request object.
- response (:class:`~.accessapproval.ListApprovalRequestsResponse`):
+ response (google.cloud.accessapproval_v1.types.ListApprovalRequestsResponse):
The initial response object.
metadata (Sequence[Tuple[str, str]]): Strings which should be
sent along with the request as metadata.
@@ -86,7 +95,7 @@ class ListApprovalRequestsAsyncPager:
"""A pager for iterating through ``list_approval_requests`` requests.
This class thinly wraps an initial
- :class:`~.accessapproval.ListApprovalRequestsResponse` object, and
+ :class:`google.cloud.accessapproval_v1.types.ListApprovalRequestsResponse` object, and
provides an ``__aiter__`` method to iterate through its
``approval_requests`` field.
@@ -95,7 +104,7 @@ class ListApprovalRequestsAsyncPager:
through the ``approval_requests`` field on the
corresponding responses.
- All the usual :class:`~.accessapproval.ListApprovalRequestsResponse`
+ All the usual :class:`google.cloud.accessapproval_v1.types.ListApprovalRequestsResponse`
attributes are available on the pager. If multiple requests are made, only
the most recent response is retained, and thus used for attribute lookup.
"""
@@ -113,9 +122,9 @@ def __init__(
Args:
method (Callable): The method that was originally called, and
which instantiated this pager.
- request (:class:`~.accessapproval.ListApprovalRequestsMessage`):
+ request (google.cloud.accessapproval_v1.types.ListApprovalRequestsMessage):
The initial request object.
- response (:class:`~.accessapproval.ListApprovalRequestsResponse`):
+ response (google.cloud.accessapproval_v1.types.ListApprovalRequestsResponse):
The initial response object.
metadata (Sequence[Tuple[str, str]]): Strings which should be
sent along with the request as metadata.
diff --git a/google/cloud/accessapproval_v1/services/access_approval/transports/base.py b/google/cloud/accessapproval_v1/services/access_approval/transports/base.py
index fbe4576..2511b7f 100644
--- a/google/cloud/accessapproval_v1/services/access_approval/transports/base.py
+++ b/google/cloud/accessapproval_v1/services/access_approval/transports/base.py
@@ -70,10 +70,10 @@ def __init__(
scope (Optional[Sequence[str]]): A list of scopes.
quota_project_id (Optional[str]): An optional project to use for billing
and quota.
- client_info (google.api_core.gapic_v1.client_info.ClientInfo):
- The client info used to send a user-agent string along with
- API requests. If ``None``, then default info will be used.
- Generally, you only need to set this if you're developing
+ client_info (google.api_core.gapic_v1.client_info.ClientInfo):
+ The client info used to send a user-agent string along with
+ API requests. If ``None``, then default info will be used.
+ Generally, you only need to set this if you're developing
your own client library.
"""
# Save the hostname. Default to port 443 (HTTPS) if none is specified.
@@ -81,6 +81,9 @@ def __init__(
host += ":443"
self._host = host
+ # Save the scopes.
+ self._scopes = scopes or self.AUTH_SCOPES
+
# If no credentials are provided, then determine the appropriate
# defaults.
if credentials and credentials_file:
@@ -90,20 +93,17 @@ def __init__(
if credentials_file is not None:
credentials, _ = auth.load_credentials_from_file(
- credentials_file, scopes=scopes, quota_project_id=quota_project_id
+ credentials_file, scopes=self._scopes, quota_project_id=quota_project_id
)
elif credentials is None:
credentials, _ = auth.default(
- scopes=scopes, quota_project_id=quota_project_id
+ scopes=self._scopes, quota_project_id=quota_project_id
)
# Save the credentials.
self._credentials = credentials
- # Lifted into its own function so it can be stubbed out during tests.
- self._prep_wrapped_messages(client_info)
-
def _prep_wrapped_messages(self, client_info):
# Precompute the wrapped methods.
self._wrapped_methods = {
@@ -114,6 +114,7 @@ def _prep_wrapped_messages(self, client_info):
maximum=60.0,
multiplier=1.3,
predicate=retries.if_exception_type(exceptions.ServiceUnavailable,),
+ deadline=600.0,
),
default_timeout=600.0,
client_info=client_info,
@@ -125,6 +126,7 @@ def _prep_wrapped_messages(self, client_info):
maximum=60.0,
multiplier=1.3,
predicate=retries.if_exception_type(exceptions.ServiceUnavailable,),
+ deadline=600.0,
),
default_timeout=600.0,
client_info=client_info,
@@ -146,6 +148,7 @@ def _prep_wrapped_messages(self, client_info):
maximum=60.0,
multiplier=1.3,
predicate=retries.if_exception_type(exceptions.ServiceUnavailable,),
+ deadline=600.0,
),
default_timeout=600.0,
client_info=client_info,
diff --git a/google/cloud/accessapproval_v1/services/access_approval/transports/grpc.py b/google/cloud/accessapproval_v1/services/access_approval/transports/grpc.py
index cda3af4..3abe140 100644
--- a/google/cloud/accessapproval_v1/services/access_approval/transports/grpc.py
+++ b/google/cloud/accessapproval_v1/services/access_approval/transports/grpc.py
@@ -92,6 +92,7 @@ def __init__(
api_mtls_endpoint: str = None,
client_cert_source: Callable[[], Tuple[bytes, bytes]] = None,
ssl_channel_credentials: grpc.ChannelCredentials = None,
+ client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None,
quota_project_id: Optional[str] = None,
client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
) -> None:
@@ -122,6 +123,10 @@ def __init__(
``api_mtls_endpoint`` is None.
ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials
for grpc channel. It is ignored if ``channel`` is provided.
+ client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]):
+ A callback to provide client certificate bytes and private key bytes,
+ both in PEM format. It is used to configure mutual TLS channel. It is
+ ignored if ``channel`` or ``ssl_channel_credentials`` is provided.
quota_project_id (Optional[str]): An optional project to use for billing
and quota.
client_info (google.api_core.gapic_v1.client_info.ClientInfo):
@@ -136,72 +141,60 @@ def __init__(
google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials``
and ``credentials_file`` are passed.
"""
+ self._grpc_channel = None
self._ssl_channel_credentials = ssl_channel_credentials
+ self._stubs: Dict[str, Callable] = {}
+
+ if api_mtls_endpoint:
+ warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning)
+ if client_cert_source:
+ warnings.warn("client_cert_source is deprecated", DeprecationWarning)
if channel:
- # Sanity check: Ensure that channel and credentials are not both
- # provided.
+ # Ignore credentials if a channel was passed.
credentials = False
-
# If a channel was explicitly provided, set it.
self._grpc_channel = channel
self._ssl_channel_credentials = None
- elif api_mtls_endpoint:
- warnings.warn(
- "api_mtls_endpoint and client_cert_source are deprecated",
- DeprecationWarning,
- )
- host = (
- api_mtls_endpoint
- if ":" in api_mtls_endpoint
- else api_mtls_endpoint + ":443"
- )
+ else:
+ if api_mtls_endpoint:
+ host = api_mtls_endpoint
+
+ # Create SSL credentials with client_cert_source or application
+ # default SSL credentials.
+ if client_cert_source:
+ cert, key = client_cert_source()
+ self._ssl_channel_credentials = grpc.ssl_channel_credentials(
+ certificate_chain=cert, private_key=key
+ )
+ else:
+ self._ssl_channel_credentials = SslCredentials().ssl_credentials
- if credentials is None:
- credentials, _ = auth.default(
- scopes=self.AUTH_SCOPES, quota_project_id=quota_project_id
- )
-
- # Create SSL credentials with client_cert_source or application
- # default SSL credentials.
- if client_cert_source:
- cert, key = client_cert_source()
- ssl_credentials = grpc.ssl_channel_credentials(
- certificate_chain=cert, private_key=key
- )
else:
- ssl_credentials = SslCredentials().ssl_credentials
-
- # create a new channel. The provided one is ignored.
- self._grpc_channel = type(self).create_channel(
- host,
- credentials=credentials,
- credentials_file=credentials_file,
- ssl_credentials=ssl_credentials,
- scopes=scopes or self.AUTH_SCOPES,
- quota_project_id=quota_project_id,
- options=[
- ("grpc.max_send_message_length", -1),
- ("grpc.max_receive_message_length", -1),
- ],
- )
- self._ssl_channel_credentials = ssl_credentials
- else:
- host = host if ":" in host else host + ":443"
+ if client_cert_source_for_mtls and not ssl_channel_credentials:
+ cert, key = client_cert_source_for_mtls()
+ self._ssl_channel_credentials = grpc.ssl_channel_credentials(
+ certificate_chain=cert, private_key=key
+ )
- if credentials is None:
- credentials, _ = auth.default(
- scopes=self.AUTH_SCOPES, quota_project_id=quota_project_id
- )
+ # The base transport sets the host, credentials and scopes
+ super().__init__(
+ host=host,
+ credentials=credentials,
+ credentials_file=credentials_file,
+ scopes=scopes,
+ quota_project_id=quota_project_id,
+ client_info=client_info,
+ )
- # create a new channel. The provided one is ignored.
+ if not self._grpc_channel:
self._grpc_channel = type(self).create_channel(
- host,
- credentials=credentials,
+ self._host,
+ credentials=self._credentials,
credentials_file=credentials_file,
- ssl_credentials=ssl_channel_credentials,
- scopes=scopes or self.AUTH_SCOPES,
+ scopes=self._scopes,
+ ssl_credentials=self._ssl_channel_credentials,
quota_project_id=quota_project_id,
options=[
("grpc.max_send_message_length", -1),
@@ -209,17 +202,8 @@ def __init__(
],
)
- self._stubs = {} # type: Dict[str, Callable]
-
- # Run the base constructor.
- super().__init__(
- host=host,
- credentials=credentials,
- credentials_file=credentials_file,
- scopes=scopes or self.AUTH_SCOPES,
- quota_project_id=quota_project_id,
- client_info=client_info,
- )
+ # Wrap messages. This must be done after self._grpc_channel exists
+ self._prep_wrapped_messages(client_info)
@classmethod
def create_channel(
@@ -233,7 +217,7 @@ def create_channel(
) -> grpc.Channel:
"""Create and return a gRPC channel object.
Args:
- address (Optional[str]): The host for the channel to use.
+ host (Optional[str]): The host for the channel to use.
credentials (Optional[~.Credentials]): The
authorization credentials to attach to requests. These
credentials identify this application to the service. If
diff --git a/google/cloud/accessapproval_v1/services/access_approval/transports/grpc_asyncio.py b/google/cloud/accessapproval_v1/services/access_approval/transports/grpc_asyncio.py
index ac82c00..6a84315 100644
--- a/google/cloud/accessapproval_v1/services/access_approval/transports/grpc_asyncio.py
+++ b/google/cloud/accessapproval_v1/services/access_approval/transports/grpc_asyncio.py
@@ -96,7 +96,7 @@ def create_channel(
) -> aio.Channel:
"""Create and return a gRPC AsyncIO channel object.
Args:
- address (Optional[str]): The host for the channel to use.
+ host (Optional[str]): The host for the channel to use.
credentials (Optional[~.Credentials]): The
authorization credentials to attach to requests. These
credentials identify this application to the service. If
@@ -136,6 +136,7 @@ def __init__(
api_mtls_endpoint: str = None,
client_cert_source: Callable[[], Tuple[bytes, bytes]] = None,
ssl_channel_credentials: grpc.ChannelCredentials = None,
+ client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None,
quota_project_id=None,
client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
) -> None:
@@ -167,12 +168,16 @@ def __init__(
``api_mtls_endpoint`` is None.
ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials
for grpc channel. It is ignored if ``channel`` is provided.
+ client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]):
+ A callback to provide client certificate bytes and private key bytes,
+ both in PEM format. It is used to configure mutual TLS channel. It is
+ ignored if ``channel`` or ``ssl_channel_credentials`` is provided.
quota_project_id (Optional[str]): An optional project to use for billing
and quota.
- client_info (google.api_core.gapic_v1.client_info.ClientInfo):
- The client info used to send a user-agent string along with
- API requests. If ``None``, then default info will be used.
- Generally, you only need to set this if you're developing
+ client_info (google.api_core.gapic_v1.client_info.ClientInfo):
+ The client info used to send a user-agent string along with
+ API requests. If ``None``, then default info will be used.
+ Generally, you only need to set this if you're developing
your own client library.
Raises:
@@ -181,72 +186,60 @@ def __init__(
google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials``
and ``credentials_file`` are passed.
"""
+ self._grpc_channel = None
self._ssl_channel_credentials = ssl_channel_credentials
+ self._stubs: Dict[str, Callable] = {}
+
+ if api_mtls_endpoint:
+ warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning)
+ if client_cert_source:
+ warnings.warn("client_cert_source is deprecated", DeprecationWarning)
if channel:
- # Sanity check: Ensure that channel and credentials are not both
- # provided.
+ # Ignore credentials if a channel was passed.
credentials = False
-
# If a channel was explicitly provided, set it.
self._grpc_channel = channel
self._ssl_channel_credentials = None
- elif api_mtls_endpoint:
- warnings.warn(
- "api_mtls_endpoint and client_cert_source are deprecated",
- DeprecationWarning,
- )
- host = (
- api_mtls_endpoint
- if ":" in api_mtls_endpoint
- else api_mtls_endpoint + ":443"
- )
+ else:
+ if api_mtls_endpoint:
+ host = api_mtls_endpoint
+
+ # Create SSL credentials with client_cert_source or application
+ # default SSL credentials.
+ if client_cert_source:
+ cert, key = client_cert_source()
+ self._ssl_channel_credentials = grpc.ssl_channel_credentials(
+ certificate_chain=cert, private_key=key
+ )
+ else:
+ self._ssl_channel_credentials = SslCredentials().ssl_credentials
- if credentials is None:
- credentials, _ = auth.default(
- scopes=self.AUTH_SCOPES, quota_project_id=quota_project_id
- )
-
- # Create SSL credentials with client_cert_source or application
- # default SSL credentials.
- if client_cert_source:
- cert, key = client_cert_source()
- ssl_credentials = grpc.ssl_channel_credentials(
- certificate_chain=cert, private_key=key
- )
else:
- ssl_credentials = SslCredentials().ssl_credentials
-
- # create a new channel. The provided one is ignored.
- self._grpc_channel = type(self).create_channel(
- host,
- credentials=credentials,
- credentials_file=credentials_file,
- ssl_credentials=ssl_credentials,
- scopes=scopes or self.AUTH_SCOPES,
- quota_project_id=quota_project_id,
- options=[
- ("grpc.max_send_message_length", -1),
- ("grpc.max_receive_message_length", -1),
- ],
- )
- self._ssl_channel_credentials = ssl_credentials
- else:
- host = host if ":" in host else host + ":443"
+ if client_cert_source_for_mtls and not ssl_channel_credentials:
+ cert, key = client_cert_source_for_mtls()
+ self._ssl_channel_credentials = grpc.ssl_channel_credentials(
+ certificate_chain=cert, private_key=key
+ )
- if credentials is None:
- credentials, _ = auth.default(
- scopes=self.AUTH_SCOPES, quota_project_id=quota_project_id
- )
+ # The base transport sets the host, credentials and scopes
+ super().__init__(
+ host=host,
+ credentials=credentials,
+ credentials_file=credentials_file,
+ scopes=scopes,
+ quota_project_id=quota_project_id,
+ client_info=client_info,
+ )
- # create a new channel. The provided one is ignored.
+ if not self._grpc_channel:
self._grpc_channel = type(self).create_channel(
- host,
- credentials=credentials,
+ self._host,
+ credentials=self._credentials,
credentials_file=credentials_file,
- ssl_credentials=ssl_channel_credentials,
- scopes=scopes or self.AUTH_SCOPES,
+ scopes=self._scopes,
+ ssl_credentials=self._ssl_channel_credentials,
quota_project_id=quota_project_id,
options=[
("grpc.max_send_message_length", -1),
@@ -254,17 +247,8 @@ def __init__(
],
)
- # Run the base constructor.
- super().__init__(
- host=host,
- credentials=credentials,
- credentials_file=credentials_file,
- scopes=scopes or self.AUTH_SCOPES,
- quota_project_id=quota_project_id,
- client_info=client_info,
- )
-
- self._stubs = {}
+ # Wrap messages. This must be done after self._grpc_channel exists
+ self._prep_wrapped_messages(client_info)
@property
def grpc_channel(self) -> aio.Channel:
diff --git a/google/cloud/accessapproval_v1/types/__init__.py b/google/cloud/accessapproval_v1/types/__init__.py
index acbf248..f0fda5c 100644
--- a/google/cloud/accessapproval_v1/types/__init__.py
+++ b/google/cloud/accessapproval_v1/types/__init__.py
@@ -16,41 +16,41 @@
#
from .accessapproval import (
+ AccessApprovalSettings,
AccessLocations,
AccessReason,
+ ApprovalRequest,
+ ApproveApprovalRequestMessage,
ApproveDecision,
+ DeleteAccessApprovalSettingsMessage,
+ DismissApprovalRequestMessage,
DismissDecision,
- ResourceProperties,
- ApprovalRequest,
EnrolledService,
- AccessApprovalSettings,
+ GetAccessApprovalSettingsMessage,
+ GetApprovalRequestMessage,
ListApprovalRequestsMessage,
ListApprovalRequestsResponse,
- GetApprovalRequestMessage,
- ApproveApprovalRequestMessage,
- DismissApprovalRequestMessage,
- GetAccessApprovalSettingsMessage,
+ ResourceProperties,
UpdateAccessApprovalSettingsMessage,
- DeleteAccessApprovalSettingsMessage,
EnrollmentLevel,
)
__all__ = (
+ "AccessApprovalSettings",
"AccessLocations",
"AccessReason",
+ "ApprovalRequest",
+ "ApproveApprovalRequestMessage",
"ApproveDecision",
+ "DeleteAccessApprovalSettingsMessage",
+ "DismissApprovalRequestMessage",
"DismissDecision",
- "ResourceProperties",
- "ApprovalRequest",
"EnrolledService",
- "AccessApprovalSettings",
+ "GetAccessApprovalSettingsMessage",
+ "GetApprovalRequestMessage",
"ListApprovalRequestsMessage",
"ListApprovalRequestsResponse",
- "GetApprovalRequestMessage",
- "ApproveApprovalRequestMessage",
- "DismissApprovalRequestMessage",
- "GetAccessApprovalSettingsMessage",
+ "ResourceProperties",
"UpdateAccessApprovalSettingsMessage",
- "DeleteAccessApprovalSettingsMessage",
"EnrollmentLevel",
)
diff --git a/google/cloud/accessapproval_v1/types/accessapproval.py b/google/cloud/accessapproval_v1/types/accessapproval.py
index a0d5441..dddb7e6 100644
--- a/google/cloud/accessapproval_v1/types/accessapproval.py
+++ b/google/cloud/accessapproval_v1/types/accessapproval.py
@@ -103,7 +103,7 @@ class AccessReason(proto.Message):
r"""
Attributes:
- type_ (~.accessapproval.AccessReason.Type):
+ type_ (google.cloud.accessapproval_v1.types.AccessReason.Type):
Type of access justification.
detail (str):
More detail about certain reason types. See
@@ -127,9 +127,9 @@ class ApproveDecision(proto.Message):
resource.
Attributes:
- approve_time (~.timestamp.Timestamp):
+ approve_time (google.protobuf.timestamp_pb2.Timestamp):
The time at which approval was granted.
- expire_time (~.timestamp.Timestamp):
+ expire_time (google.protobuf.timestamp_pb2.Timestamp):
The time at which the approval expires.
"""
@@ -142,7 +142,7 @@ class DismissDecision(proto.Message):
r"""A decision that has been made to dismiss an approval request.
Attributes:
- dismiss_time (~.timestamp.Timestamp):
+ dismiss_time (google.protobuf.timestamp_pb2.Timestamp):
The time at which the approval request was
dismissed.
"""
@@ -178,25 +178,25 @@ class ApprovalRequest(proto.Message):
or a "relative" resource name (e.g.
"shelves/shelf1/books/book2") as described in the resource
name specification.
- requested_resource_properties (~.accessapproval.ResourceProperties):
+ requested_resource_properties (google.cloud.accessapproval_v1.types.ResourceProperties):
Properties related to the resource represented by
requested_resource_name.
- requested_reason (~.accessapproval.AccessReason):
+ requested_reason (google.cloud.accessapproval_v1.types.AccessReason):
The justification for which approval is being
requested.
- requested_locations (~.accessapproval.AccessLocations):
+ requested_locations (google.cloud.accessapproval_v1.types.AccessLocations):
The locations for which approval is being
requested.
- request_time (~.timestamp.Timestamp):
+ request_time (google.protobuf.timestamp_pb2.Timestamp):
The time at which approval was requested.
- requested_expiration (~.timestamp.Timestamp):
+ requested_expiration (google.protobuf.timestamp_pb2.Timestamp):
The requested expiration for the approval. If
the request is approved, access will be granted
from the time of approval until the expiration
time.
- approve (~.accessapproval.ApproveDecision):
+ approve (google.cloud.accessapproval_v1.types.ApproveDecision):
Access was approved.
- dismiss (~.accessapproval.DismissDecision):
+ dismiss (google.cloud.accessapproval_v1.types.DismissDecision):
The request was dismissed.
"""
@@ -248,7 +248,7 @@ class EnrolledService(proto.Message):
- iam.googleapis.com
- pubsub.googleapis.com
- storage.googleapis.com
- enrollment_level (~.accessapproval.EnrollmentLevel):
+ enrollment_level (google.cloud.accessapproval_v1.types.EnrollmentLevel):
The enrollment level of the service.
"""
@@ -275,7 +275,7 @@ class AccessApprovalSettings(proto.Message):
resource will be sent to all emails in the
settings of ancestor resources of that resource.
A maximum of 50 email addresses are allowed.
- enrolled_services (Sequence[~.accessapproval.EnrolledService]):
+ enrolled_services (Sequence[google.cloud.accessapproval_v1.types.EnrolledService]):
A list of Google Cloud Services for which the given resource
has Access Approval enrolled. Access requests for the
resource given by name against any of these services
@@ -348,7 +348,7 @@ class ListApprovalRequestsResponse(proto.Message):
r"""Response to listing of ApprovalRequest objects.
Attributes:
- approval_requests (Sequence[~.accessapproval.ApprovalRequest]):
+ approval_requests (Sequence[google.cloud.accessapproval_v1.types.ApprovalRequest]):
Approval request details.
next_page_token (str):
Token to retrieve the next page of results,
@@ -383,7 +383,7 @@ class ApproveApprovalRequestMessage(proto.Message):
Attributes:
name (str):
Name of the approval request to approve.
- expire_time (~.timestamp.Timestamp):
+ expire_time (google.protobuf.timestamp_pb2.Timestamp):
The expiration time of this approval.
"""
@@ -419,9 +419,9 @@ class UpdateAccessApprovalSettingsMessage(proto.Message):
r"""Request to update access approval settings.
Attributes:
- settings (~.accessapproval.AccessApprovalSettings):
+ settings (google.cloud.accessapproval_v1.types.AccessApprovalSettings):
The new AccessApprovalSettings.
- update_mask (~.field_mask.FieldMask):
+ update_mask (google.protobuf.field_mask_pb2.FieldMask):
The update mask applies to the settings. Only the top level
fields of AccessApprovalSettings (notification_emails &
enrolled_services) are supported. For each field, if it is
diff --git a/noxfile.py b/noxfile.py
index 8004482..4d37cd3 100644
--- a/noxfile.py
+++ b/noxfile.py
@@ -18,6 +18,7 @@
from __future__ import absolute_import
import os
+import pathlib
import shutil
import nox
@@ -30,6 +31,22 @@
SYSTEM_TEST_PYTHON_VERSIONS = ["3.8"]
UNIT_TEST_PYTHON_VERSIONS = ["3.6", "3.7", "3.8", "3.9"]
+CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute()
+
+# 'docfx' is excluded since it only needs to run in 'docs-presubmit'
+nox.options.sessions = [
+ "unit",
+ "system",
+ "cover",
+ "lint",
+ "lint_setup_py",
+ "blacken",
+ "docs",
+]
+
+# Error if a python version is missing
+nox.options.error_on_missing_interpreters = True
+
@nox.session(python=DEFAULT_PYTHON_VERSION)
def lint(session):
@@ -70,17 +87,21 @@ def lint_setup_py(session):
def default(session):
# Install all test dependencies, then install this package in-place.
- session.install("asyncmock", "pytest-asyncio")
- session.install(
- "mock", "pytest", "pytest-cov",
+ constraints_path = str(
+ CURRENT_DIRECTORY / "testing" / f"constraints-{session.python}.txt"
)
- session.install("-e", ".")
+ session.install("asyncmock", "pytest-asyncio", "-c", constraints_path)
+
+ session.install("mock", "pytest", "pytest-cov", "-c", constraints_path)
+
+ session.install("-e", ".", "-c", constraints_path)
# Run py.test against the unit tests.
session.run(
"py.test",
"--quiet",
+ f"--junitxml=unit_{session.python}_sponge_log.xml",
"--cov=google/cloud",
"--cov=tests/unit",
"--cov-append",
@@ -101,6 +122,9 @@ def unit(session):
@nox.session(python=SYSTEM_TEST_PYTHON_VERSIONS)
def system(session):
"""Run the system test suite."""
+ constraints_path = str(
+ CURRENT_DIRECTORY / "testing" / f"constraints-{session.python}.txt"
+ )
system_test_path = os.path.join("tests", "system.py")
system_test_folder_path = os.path.join("tests", "system")
@@ -110,6 +134,9 @@ def system(session):
# Sanity check: Only run tests if the environment variable is set.
if not os.environ.get("GOOGLE_APPLICATION_CREDENTIALS", ""):
session.skip("Credentials must be set via environment variable")
+ # Install pyopenssl for mTLS testing.
+ if os.environ.get("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") == "true":
+ session.install("pyopenssl")
system_test_exists = os.path.exists(system_test_path)
system_test_folder_exists = os.path.exists(system_test_folder_path)
@@ -122,16 +149,26 @@ def system(session):
# Install all test dependencies, then install this package into the
# virtualenv's dist-packages.
- session.install(
- "mock", "pytest", "google-cloud-testutils",
- )
- session.install("-e", ".")
+ session.install("mock", "pytest", "google-cloud-testutils", "-c", constraints_path)
+ session.install("-e", ".", "-c", constraints_path)
# Run py.test against the system tests.
if system_test_exists:
- session.run("py.test", "--quiet", system_test_path, *session.posargs)
+ session.run(
+ "py.test",
+ "--quiet",
+ f"--junitxml=system_{session.python}_sponge_log.xml",
+ system_test_path,
+ *session.posargs,
+ )
if system_test_folder_exists:
- session.run("py.test", "--quiet", system_test_folder_path, *session.posargs)
+ session.run(
+ "py.test",
+ "--quiet",
+ f"--junitxml=system_{session.python}_sponge_log.xml",
+ system_test_folder_path,
+ *session.posargs,
+ )
@nox.session(python=DEFAULT_PYTHON_VERSION)
@@ -142,7 +179,7 @@ def cover(session):
test runs (not system test runs), and then erases coverage data.
"""
session.install("coverage", "pytest-cov")
- session.run("coverage", "report", "--show-missing", "--fail-under=100")
+ session.run("coverage", "report", "--show-missing", "--fail-under=98")
session.run("coverage", "erase")
@@ -174,9 +211,7 @@ def docfx(session):
"""Build the docfx yaml files for this library."""
session.install("-e", ".")
- # sphinx-docfx-yaml supports up to sphinx version 1.5.5.
- # https://github.com/docascode/sphinx-docfx-yaml/issues/97
- session.install("sphinx==1.5.5", "alabaster", "recommonmark", "sphinx-docfx-yaml")
+ session.install("sphinx", "alabaster", "recommonmark", "gcp-sphinx-docfx-yaml")
shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True)
session.run(
diff --git a/renovate.json b/renovate.json
index 4fa9493..f08bc22 100644
--- a/renovate.json
+++ b/renovate.json
@@ -1,5 +1,6 @@
{
"extends": [
"config:base", ":preserveSemverRanges"
- ]
+ ],
+ "ignorePaths": [".pre-commit-config.yaml"]
}
diff --git a/setup.py b/setup.py
index 3b3a667..8105782 100644
--- a/setup.py
+++ b/setup.py
@@ -25,11 +25,11 @@
version = "1.1.1"
release_status = "Development Status :: 5 - Production/Stable"
dependencies = [
- "google-api-core[grpc] >= 1.22.0, < 2.0.0dev",
+ "google-api-core[grpc] >= 1.22.2, < 2.0.0dev",
"proto-plus >= 1.4.0",
- "libcst >= 0.2.5",
]
+extras = {"libcst": "libcst >= 0.2.5"}
package_root = os.path.abspath(os.path.dirname(__file__))
@@ -75,6 +75,7 @@
scripts=["scripts/fixup_accessapproval_v1_keywords.py"],
namespace_packages=namespaces,
install_requires=dependencies,
+ extras_requires=extras,
include_package_data=True,
zip_safe=False,
)
diff --git a/synth.metadata b/synth.metadata
index 4aba682..5a5cefb 100644
--- a/synth.metadata
+++ b/synth.metadata
@@ -3,30 +3,30 @@
{
"git": {
"name": ".",
- "remote": "https://github.com/googleapis/python-access-approval.git",
- "sha": "98610b41f9e70f7e1624709ad2e83c90db86cb97"
+ "remote": "git@github.com:googleapis/python-access-approval",
+ "sha": "c88c24ce7ca47c76e1ed511a9666ba958ea366bc"
}
},
{
"git": {
"name": "googleapis",
"remote": "https://github.com/googleapis/googleapis.git",
- "sha": "dd372aa22ded7a8ba6f0e03a80e06358a3fa0907",
- "internalRef": "347055288"
+ "sha": "8ff7d794576311d3d68d4df2ac6da93bbfcd7476",
+ "internalRef": "366472163"
}
},
{
"git": {
"name": "synthtool",
"remote": "https://github.com/googleapis/synthtool.git",
- "sha": "41a4e56982620d3edcf110d76f4fcdfdec471ac8"
+ "sha": "ff39353f34a36e7643b86e97724e4027ab466dc6"
}
},
{
"git": {
"name": "synthtool",
"remote": "https://github.com/googleapis/synthtool.git",
- "sha": "41a4e56982620d3edcf110d76f4fcdfdec471ac8"
+ "sha": "ff39353f34a36e7643b86e97724e4027ab466dc6"
}
}
],
@@ -40,95 +40,5 @@
"generator": "bazel"
}
}
- ],
- "generatedFiles": [
- ".flake8",
- ".github/CONTRIBUTING.md",
- ".github/ISSUE_TEMPLATE/bug_report.md",
- ".github/ISSUE_TEMPLATE/feature_request.md",
- ".github/ISSUE_TEMPLATE/support_request.md",
- ".github/PULL_REQUEST_TEMPLATE.md",
- ".github/release-please.yml",
- ".github/snippet-bot.yml",
- ".gitignore",
- ".kokoro/build.sh",
- ".kokoro/continuous/common.cfg",
- ".kokoro/continuous/continuous.cfg",
- ".kokoro/docker/docs/Dockerfile",
- ".kokoro/docker/docs/fetch_gpg_keys.sh",
- ".kokoro/docs/common.cfg",
- ".kokoro/docs/docs-presubmit.cfg",
- ".kokoro/docs/docs.cfg",
- ".kokoro/populate-secrets.sh",
- ".kokoro/presubmit/common.cfg",
- ".kokoro/presubmit/presubmit.cfg",
- ".kokoro/publish-docs.sh",
- ".kokoro/release.sh",
- ".kokoro/release/common.cfg",
- ".kokoro/release/release.cfg",
- ".kokoro/samples/lint/common.cfg",
- ".kokoro/samples/lint/continuous.cfg",
- ".kokoro/samples/lint/periodic.cfg",
- ".kokoro/samples/lint/presubmit.cfg",
- ".kokoro/samples/python3.6/common.cfg",
- ".kokoro/samples/python3.6/continuous.cfg",
- ".kokoro/samples/python3.6/periodic.cfg",
- ".kokoro/samples/python3.6/presubmit.cfg",
- ".kokoro/samples/python3.7/common.cfg",
- ".kokoro/samples/python3.7/continuous.cfg",
- ".kokoro/samples/python3.7/periodic.cfg",
- ".kokoro/samples/python3.7/presubmit.cfg",
- ".kokoro/samples/python3.8/common.cfg",
- ".kokoro/samples/python3.8/continuous.cfg",
- ".kokoro/samples/python3.8/periodic.cfg",
- ".kokoro/samples/python3.8/presubmit.cfg",
- ".kokoro/test-samples.sh",
- ".kokoro/trampoline.sh",
- ".kokoro/trampoline_v2.sh",
- ".pre-commit-config.yaml",
- ".trampolinerc",
- "CODE_OF_CONDUCT.md",
- "CONTRIBUTING.rst",
- "LICENSE",
- "MANIFEST.in",
- "accessapproval-v1-py.tar.gz",
- "docs/_static/custom.css",
- "docs/_templates/layout.html",
- "docs/accessapproval_v1/services.rst",
- "docs/accessapproval_v1/types.rst",
- "docs/conf.py",
- "docs/multiprocessing.rst",
- "google/cloud/accessapproval/__init__.py",
- "google/cloud/accessapproval/py.typed",
- "google/cloud/accessapproval_v1/__init__.py",
- "google/cloud/accessapproval_v1/py.typed",
- "google/cloud/accessapproval_v1/services/__init__.py",
- "google/cloud/accessapproval_v1/services/access_approval/__init__.py",
- "google/cloud/accessapproval_v1/services/access_approval/async_client.py",
- "google/cloud/accessapproval_v1/services/access_approval/client.py",
- "google/cloud/accessapproval_v1/services/access_approval/pagers.py",
- "google/cloud/accessapproval_v1/services/access_approval/transports/__init__.py",
- "google/cloud/accessapproval_v1/services/access_approval/transports/base.py",
- "google/cloud/accessapproval_v1/services/access_approval/transports/grpc.py",
- "google/cloud/accessapproval_v1/services/access_approval/transports/grpc_asyncio.py",
- "google/cloud/accessapproval_v1/types/__init__.py",
- "google/cloud/accessapproval_v1/types/accessapproval.py",
- "mypy.ini",
- "noxfile.py",
- "renovate.json",
- "samples/AUTHORING_GUIDE.md",
- "samples/CONTRIBUTING.md",
- "scripts/decrypt-secrets.sh",
- "scripts/fixup_accessapproval_v1_keywords.py",
- "scripts/readme-gen/readme_gen.py",
- "scripts/readme-gen/templates/README.tmpl.rst",
- "scripts/readme-gen/templates/auth.tmpl.rst",
- "scripts/readme-gen/templates/auth_api_key.tmpl.rst",
- "scripts/readme-gen/templates/install_deps.tmpl.rst",
- "scripts/readme-gen/templates/install_portaudio.tmpl.rst",
- "setup.cfg",
- "testing/.gitignore",
- "tests/unit/gapic/accessapproval_v1/__init__.py",
- "tests/unit/gapic/accessapproval_v1/test_access_approval.py"
]
}
\ No newline at end of file
diff --git a/synth.py b/synth.py
index db09282..201ea18 100644
--- a/synth.py
+++ b/synth.py
@@ -45,7 +45,8 @@
# ----------------------------------------------------------------------------
templated_files = common.py_library(
samples=False, # set to True only if there are samples
- microgenerator=True
+ microgenerator=True,
+ cov_level=98,
)
s.move(templated_files, excludes=[".coveragerc"]) # microgenerator has a good .coveragerc file
diff --git a/testing/constraints-3.6.txt b/testing/constraints-3.6.txt
index 2923be1..8f70f41 100644
--- a/testing/constraints-3.6.txt
+++ b/testing/constraints-3.6.txt
@@ -1,10 +1,10 @@
# This constraints file is used to check that lower bounds
# are correct in setup.py
-# List *all* library dependencies and extras in this file.
+# List all library dependencies and extras in this file.
# Pin the version to the lower bound.
-#
-# e.g., if setup.py has "foo >= 1.14.0, < 2.0.0dev",
-# Then this file should have foo==1.14.0
-google-api-core==1.22.0
-proto-plus==1.4.0
-libcst==0.2.5
\ No newline at end of file
+
+# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev",
+# Then this file should have google-cloud-foo==1.14.0
+google-api-core==1.22.2
+proto-plus==1.10.0
+libcst==0.2.5
diff --git a/testing/constraints-3.7.txt b/testing/constraints-3.7.txt
index e69de29..da93009 100644
--- a/testing/constraints-3.7.txt
+++ b/testing/constraints-3.7.txt
@@ -0,0 +1,2 @@
+# This constraints file is left inentionally empty
+# so the latest version of dependencies is installed
\ No newline at end of file
diff --git a/testing/constraints-3.8.txt b/testing/constraints-3.8.txt
index e69de29..da93009 100644
--- a/testing/constraints-3.8.txt
+++ b/testing/constraints-3.8.txt
@@ -0,0 +1,2 @@
+# This constraints file is left inentionally empty
+# so the latest version of dependencies is installed
\ No newline at end of file
diff --git a/testing/constraints-3.9.txt b/testing/constraints-3.9.txt
index e69de29..da93009 100644
--- a/testing/constraints-3.9.txt
+++ b/testing/constraints-3.9.txt
@@ -0,0 +1,2 @@
+# This constraints file is left inentionally empty
+# so the latest version of dependencies is installed
\ No newline at end of file
diff --git a/tests/unit/gapic/accessapproval_v1/__init__.py b/tests/unit/gapic/accessapproval_v1/__init__.py
index 8b13789..42ffdf2 100644
--- a/tests/unit/gapic/accessapproval_v1/__init__.py
+++ b/tests/unit/gapic/accessapproval_v1/__init__.py
@@ -1 +1,16 @@
+# -*- coding: utf-8 -*-
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
diff --git a/tests/unit/gapic/accessapproval_v1/test_access_approval.py b/tests/unit/gapic/accessapproval_v1/test_access_approval.py
index 8d0d0df..501bd4e 100644
--- a/tests/unit/gapic/accessapproval_v1/test_access_approval.py
+++ b/tests/unit/gapic/accessapproval_v1/test_access_approval.py
@@ -89,7 +89,24 @@ def test__get_default_mtls_endpoint():
@pytest.mark.parametrize(
- "client_class", [AccessApprovalClient, AccessApprovalAsyncClient]
+ "client_class", [AccessApprovalClient, AccessApprovalAsyncClient,]
+)
+def test_access_approval_client_from_service_account_info(client_class):
+ creds = credentials.AnonymousCredentials()
+ with mock.patch.object(
+ service_account.Credentials, "from_service_account_info"
+ ) as factory:
+ factory.return_value = creds
+ info = {"valid": True}
+ client = client_class.from_service_account_info(info)
+ assert client.transport._credentials == creds
+ assert isinstance(client, client_class)
+
+ assert client.transport._host == "accessapproval.googleapis.com:443"
+
+
+@pytest.mark.parametrize(
+ "client_class", [AccessApprovalClient, AccessApprovalAsyncClient,]
)
def test_access_approval_client_from_service_account_file(client_class):
creds = credentials.AnonymousCredentials()
@@ -99,16 +116,21 @@ def test_access_approval_client_from_service_account_file(client_class):
factory.return_value = creds
client = client_class.from_service_account_file("dummy/file/path.json")
assert client.transport._credentials == creds
+ assert isinstance(client, client_class)
client = client_class.from_service_account_json("dummy/file/path.json")
assert client.transport._credentials == creds
+ assert isinstance(client, client_class)
assert client.transport._host == "accessapproval.googleapis.com:443"
def test_access_approval_client_get_transport_class():
transport = AccessApprovalClient.get_transport_class()
- assert transport == transports.AccessApprovalGrpcTransport
+ available_transports = [
+ transports.AccessApprovalGrpcTransport,
+ ]
+ assert transport in available_transports
transport = AccessApprovalClient.get_transport_class("grpc")
assert transport == transports.AccessApprovalGrpcTransport
@@ -159,7 +181,7 @@ def test_access_approval_client_client_options(
credentials_file=None,
host="squid.clam.whelk",
scopes=None,
- ssl_channel_credentials=None,
+ client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
)
@@ -175,7 +197,7 @@ def test_access_approval_client_client_options(
credentials_file=None,
host=client.DEFAULT_ENDPOINT,
scopes=None,
- ssl_channel_credentials=None,
+ client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
)
@@ -191,7 +213,7 @@ def test_access_approval_client_client_options(
credentials_file=None,
host=client.DEFAULT_MTLS_ENDPOINT,
scopes=None,
- ssl_channel_credentials=None,
+ client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
)
@@ -219,7 +241,7 @@ def test_access_approval_client_client_options(
credentials_file=None,
host=client.DEFAULT_ENDPOINT,
scopes=None,
- ssl_channel_credentials=None,
+ client_cert_source_for_mtls=None,
quota_project_id="octopus",
client_info=transports.base.DEFAULT_CLIENT_INFO,
)
@@ -270,29 +292,25 @@ def test_access_approval_client_mtls_env_auto(
client_cert_source=client_cert_source_callback
)
with mock.patch.object(transport_class, "__init__") as patched:
- ssl_channel_creds = mock.Mock()
- with mock.patch(
- "grpc.ssl_channel_credentials", return_value=ssl_channel_creds
- ):
- patched.return_value = None
- client = client_class(client_options=options)
+ patched.return_value = None
+ client = client_class(client_options=options)
- if use_client_cert_env == "false":
- expected_ssl_channel_creds = None
- expected_host = client.DEFAULT_ENDPOINT
- else:
- expected_ssl_channel_creds = ssl_channel_creds
- expected_host = client.DEFAULT_MTLS_ENDPOINT
+ if use_client_cert_env == "false":
+ expected_client_cert_source = None
+ expected_host = client.DEFAULT_ENDPOINT
+ else:
+ expected_client_cert_source = client_cert_source_callback
+ expected_host = client.DEFAULT_MTLS_ENDPOINT
- patched.assert_called_once_with(
- credentials=None,
- credentials_file=None,
- host=expected_host,
- scopes=None,
- ssl_channel_credentials=expected_ssl_channel_creds,
- quota_project_id=None,
- client_info=transports.base.DEFAULT_CLIENT_INFO,
- )
+ patched.assert_called_once_with(
+ credentials=None,
+ credentials_file=None,
+ host=expected_host,
+ scopes=None,
+ client_cert_source_for_mtls=expected_client_cert_source,
+ quota_project_id=None,
+ client_info=transports.base.DEFAULT_CLIENT_INFO,
+ )
# Check the case ADC client cert is provided. Whether client cert is used depends on
# GOOGLE_API_USE_CLIENT_CERTIFICATE value.
@@ -301,66 +319,53 @@ def test_access_approval_client_mtls_env_auto(
):
with mock.patch.object(transport_class, "__init__") as patched:
with mock.patch(
- "google.auth.transport.grpc.SslCredentials.__init__", return_value=None
+ "google.auth.transport.mtls.has_default_client_cert_source",
+ return_value=True,
):
with mock.patch(
- "google.auth.transport.grpc.SslCredentials.is_mtls",
- new_callable=mock.PropertyMock,
- ) as is_mtls_mock:
- with mock.patch(
- "google.auth.transport.grpc.SslCredentials.ssl_credentials",
- new_callable=mock.PropertyMock,
- ) as ssl_credentials_mock:
- if use_client_cert_env == "false":
- is_mtls_mock.return_value = False
- ssl_credentials_mock.return_value = None
- expected_host = client.DEFAULT_ENDPOINT
- expected_ssl_channel_creds = None
- else:
- is_mtls_mock.return_value = True
- ssl_credentials_mock.return_value = mock.Mock()
- expected_host = client.DEFAULT_MTLS_ENDPOINT
- expected_ssl_channel_creds = (
- ssl_credentials_mock.return_value
- )
-
- patched.return_value = None
- client = client_class()
- patched.assert_called_once_with(
- credentials=None,
- credentials_file=None,
- host=expected_host,
- scopes=None,
- ssl_channel_credentials=expected_ssl_channel_creds,
- quota_project_id=None,
- client_info=transports.base.DEFAULT_CLIENT_INFO,
- )
+ "google.auth.transport.mtls.default_client_cert_source",
+ return_value=client_cert_source_callback,
+ ):
+ if use_client_cert_env == "false":
+ expected_host = client.DEFAULT_ENDPOINT
+ expected_client_cert_source = None
+ else:
+ expected_host = client.DEFAULT_MTLS_ENDPOINT
+ expected_client_cert_source = client_cert_source_callback
- # Check the case client_cert_source and ADC client cert are not provided.
- with mock.patch.dict(
- os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}
- ):
- with mock.patch.object(transport_class, "__init__") as patched:
- with mock.patch(
- "google.auth.transport.grpc.SslCredentials.__init__", return_value=None
- ):
- with mock.patch(
- "google.auth.transport.grpc.SslCredentials.is_mtls",
- new_callable=mock.PropertyMock,
- ) as is_mtls_mock:
- is_mtls_mock.return_value = False
patched.return_value = None
client = client_class()
patched.assert_called_once_with(
credentials=None,
credentials_file=None,
- host=client.DEFAULT_ENDPOINT,
+ host=expected_host,
scopes=None,
- ssl_channel_credentials=None,
+ client_cert_source_for_mtls=expected_client_cert_source,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
)
+ # Check the case client_cert_source and ADC client cert are not provided.
+ with mock.patch.dict(
+ os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}
+ ):
+ with mock.patch.object(transport_class, "__init__") as patched:
+ with mock.patch(
+ "google.auth.transport.mtls.has_default_client_cert_source",
+ return_value=False,
+ ):
+ patched.return_value = None
+ client = client_class()
+ patched.assert_called_once_with(
+ credentials=None,
+ credentials_file=None,
+ host=client.DEFAULT_ENDPOINT,
+ scopes=None,
+ client_cert_source_for_mtls=None,
+ quota_project_id=None,
+ client_info=transports.base.DEFAULT_CLIENT_INFO,
+ )
+
@pytest.mark.parametrize(
"client_class,transport_class,transport_name",
@@ -386,7 +391,7 @@ def test_access_approval_client_client_options_scopes(
credentials_file=None,
host=client.DEFAULT_ENDPOINT,
scopes=["1", "2"],
- ssl_channel_credentials=None,
+ client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
)
@@ -416,7 +421,7 @@ def test_access_approval_client_client_options_credentials_file(
credentials_file="credentials.json",
host=client.DEFAULT_ENDPOINT,
scopes=None,
- ssl_channel_credentials=None,
+ client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
)
@@ -435,7 +440,7 @@ def test_access_approval_client_client_options_from_dict():
credentials_file=None,
host="squid.clam.whelk",
scopes=None,
- ssl_channel_credentials=None,
+ client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
)
@@ -480,6 +485,24 @@ def test_list_approval_requests_from_dict():
test_list_approval_requests(request_type=dict)
+def test_list_approval_requests_empty_call():
+ # This test is a coverage failsafe to make sure that totally empty calls,
+ # i.e. request == None and no flattened fields passed, work.
+ client = AccessApprovalClient(
+ credentials=credentials.AnonymousCredentials(), transport="grpc",
+ )
+
+ # Mock the actual call within the gRPC stub, and fake the request.
+ with mock.patch.object(
+ type(client.transport.list_approval_requests), "__call__"
+ ) as call:
+ client.list_approval_requests()
+ call.assert_called()
+ _, args, _ = call.mock_calls[0]
+
+ assert args[0] == accessapproval.ListApprovalRequestsMessage()
+
+
@pytest.mark.asyncio
async def test_list_approval_requests_async(
transport: str = "grpc_asyncio",
@@ -864,6 +887,24 @@ def test_get_approval_request_from_dict():
test_get_approval_request(request_type=dict)
+def test_get_approval_request_empty_call():
+ # This test is a coverage failsafe to make sure that totally empty calls,
+ # i.e. request == None and no flattened fields passed, work.
+ client = AccessApprovalClient(
+ credentials=credentials.AnonymousCredentials(), transport="grpc",
+ )
+
+ # Mock the actual call within the gRPC stub, and fake the request.
+ with mock.patch.object(
+ type(client.transport.get_approval_request), "__call__"
+ ) as call:
+ client.get_approval_request()
+ call.assert_called()
+ _, args, _ = call.mock_calls[0]
+
+ assert args[0] == accessapproval.GetApprovalRequestMessage()
+
+
@pytest.mark.asyncio
async def test_get_approval_request_async(
transport: str = "grpc_asyncio",
@@ -1081,6 +1122,24 @@ def test_approve_approval_request_from_dict():
test_approve_approval_request(request_type=dict)
+def test_approve_approval_request_empty_call():
+ # This test is a coverage failsafe to make sure that totally empty calls,
+ # i.e. request == None and no flattened fields passed, work.
+ client = AccessApprovalClient(
+ credentials=credentials.AnonymousCredentials(), transport="grpc",
+ )
+
+ # Mock the actual call within the gRPC stub, and fake the request.
+ with mock.patch.object(
+ type(client.transport.approve_approval_request), "__call__"
+ ) as call:
+ client.approve_approval_request()
+ call.assert_called()
+ _, args, _ = call.mock_calls[0]
+
+ assert args[0] == accessapproval.ApproveApprovalRequestMessage()
+
+
@pytest.mark.asyncio
async def test_approve_approval_request_async(
transport: str = "grpc_asyncio",
@@ -1227,6 +1286,24 @@ def test_dismiss_approval_request_from_dict():
test_dismiss_approval_request(request_type=dict)
+def test_dismiss_approval_request_empty_call():
+ # This test is a coverage failsafe to make sure that totally empty calls,
+ # i.e. request == None and no flattened fields passed, work.
+ client = AccessApprovalClient(
+ credentials=credentials.AnonymousCredentials(), transport="grpc",
+ )
+
+ # Mock the actual call within the gRPC stub, and fake the request.
+ with mock.patch.object(
+ type(client.transport.dismiss_approval_request), "__call__"
+ ) as call:
+ client.dismiss_approval_request()
+ call.assert_called()
+ _, args, _ = call.mock_calls[0]
+
+ assert args[0] == accessapproval.DismissApprovalRequestMessage()
+
+
@pytest.mark.asyncio
async def test_dismiss_approval_request_async(
transport: str = "grpc_asyncio",
@@ -1374,6 +1451,24 @@ def test_get_access_approval_settings_from_dict():
test_get_access_approval_settings(request_type=dict)
+def test_get_access_approval_settings_empty_call():
+ # This test is a coverage failsafe to make sure that totally empty calls,
+ # i.e. request == None and no flattened fields passed, work.
+ client = AccessApprovalClient(
+ credentials=credentials.AnonymousCredentials(), transport="grpc",
+ )
+
+ # Mock the actual call within the gRPC stub, and fake the request.
+ with mock.patch.object(
+ type(client.transport.get_access_approval_settings), "__call__"
+ ) as call:
+ client.get_access_approval_settings()
+ call.assert_called()
+ _, args, _ = call.mock_calls[0]
+
+ assert args[0] == accessapproval.GetAccessApprovalSettingsMessage()
+
+
@pytest.mark.asyncio
async def test_get_access_approval_settings_async(
transport: str = "grpc_asyncio",
@@ -1595,6 +1690,24 @@ def test_update_access_approval_settings_from_dict():
test_update_access_approval_settings(request_type=dict)
+def test_update_access_approval_settings_empty_call():
+ # This test is a coverage failsafe to make sure that totally empty calls,
+ # i.e. request == None and no flattened fields passed, work.
+ client = AccessApprovalClient(
+ credentials=credentials.AnonymousCredentials(), transport="grpc",
+ )
+
+ # Mock the actual call within the gRPC stub, and fake the request.
+ with mock.patch.object(
+ type(client.transport.update_access_approval_settings), "__call__"
+ ) as call:
+ client.update_access_approval_settings()
+ call.assert_called()
+ _, args, _ = call.mock_calls[0]
+
+ assert args[0] == accessapproval.UpdateAccessApprovalSettingsMessage()
+
+
@pytest.mark.asyncio
async def test_update_access_approval_settings_async(
transport: str = "grpc_asyncio",
@@ -1827,6 +1940,24 @@ def test_delete_access_approval_settings_from_dict():
test_delete_access_approval_settings(request_type=dict)
+def test_delete_access_approval_settings_empty_call():
+ # This test is a coverage failsafe to make sure that totally empty calls,
+ # i.e. request == None and no flattened fields passed, work.
+ client = AccessApprovalClient(
+ credentials=credentials.AnonymousCredentials(), transport="grpc",
+ )
+
+ # Mock the actual call within the gRPC stub, and fake the request.
+ with mock.patch.object(
+ type(client.transport.delete_access_approval_settings), "__call__"
+ ) as call:
+ client.delete_access_approval_settings()
+ call.assert_called()
+ _, args, _ = call.mock_calls[0]
+
+ assert args[0] == accessapproval.DeleteAccessApprovalSettingsMessage()
+
+
@pytest.mark.asyncio
async def test_delete_access_approval_settings_async(
transport: str = "grpc_asyncio",
@@ -2151,6 +2282,51 @@ def test_access_approval_transport_auth_adc():
)
+@pytest.mark.parametrize(
+ "transport_class",
+ [
+ transports.AccessApprovalGrpcTransport,
+ transports.AccessApprovalGrpcAsyncIOTransport,
+ ],
+)
+def test_access_approval_grpc_transport_client_cert_source_for_mtls(transport_class):
+ cred = credentials.AnonymousCredentials()
+
+ # Check ssl_channel_credentials is used if provided.
+ with mock.patch.object(transport_class, "create_channel") as mock_create_channel:
+ mock_ssl_channel_creds = mock.Mock()
+ transport_class(
+ host="squid.clam.whelk",
+ credentials=cred,
+ ssl_channel_credentials=mock_ssl_channel_creds,
+ )
+ mock_create_channel.assert_called_once_with(
+ "squid.clam.whelk:443",
+ credentials=cred,
+ credentials_file=None,
+ scopes=("https://www.googleapis.com/auth/cloud-platform",),
+ ssl_credentials=mock_ssl_channel_creds,
+ quota_project_id=None,
+ options=[
+ ("grpc.max_send_message_length", -1),
+ ("grpc.max_receive_message_length", -1),
+ ],
+ )
+
+ # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls
+ # is used.
+ with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()):
+ with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred:
+ transport_class(
+ credentials=cred,
+ client_cert_source_for_mtls=client_cert_source_callback,
+ )
+ expected_cert, expected_key = client_cert_source_callback()
+ mock_ssl_cred.assert_called_once_with(
+ certificate_chain=expected_cert, private_key=expected_key
+ )
+
+
def test_access_approval_host_no_port():
client = AccessApprovalClient(
credentials=credentials.AnonymousCredentials(),
@@ -2172,7 +2348,7 @@ def test_access_approval_host_with_port():
def test_access_approval_grpc_transport_channel():
- channel = grpc.insecure_channel("http://localhost/")
+ channel = grpc.secure_channel("http://localhost/", grpc.local_channel_credentials())
# Check that channel is used if provided.
transport = transports.AccessApprovalGrpcTransport(
@@ -2184,7 +2360,7 @@ def test_access_approval_grpc_transport_channel():
def test_access_approval_grpc_asyncio_transport_channel():
- channel = aio.insecure_channel("http://localhost/")
+ channel = aio.secure_channel("http://localhost/", grpc.local_channel_credentials())
# Check that channel is used if provided.
transport = transports.AccessApprovalGrpcAsyncIOTransport(
@@ -2195,6 +2371,8 @@ def test_access_approval_grpc_asyncio_transport_channel():
assert transport._ssl_channel_credentials == None
+# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are
+# removed from grpc/grpc_asyncio transport constructor.
@pytest.mark.parametrize(
"transport_class",
[
@@ -2209,7 +2387,7 @@ def test_access_approval_transport_channel_mtls_with_client_cert_source(
"grpc.ssl_channel_credentials", autospec=True
) as grpc_ssl_channel_cred:
with mock.patch.object(
- transport_class, "create_channel", autospec=True
+ transport_class, "create_channel"
) as grpc_create_channel:
mock_ssl_cred = mock.Mock()
grpc_ssl_channel_cred.return_value = mock_ssl_cred
@@ -2247,6 +2425,8 @@ def test_access_approval_transport_channel_mtls_with_client_cert_source(
assert transport._ssl_channel_credentials == mock_ssl_cred
+# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are
+# removed from grpc/grpc_asyncio transport constructor.
@pytest.mark.parametrize(
"transport_class",
[
@@ -2262,7 +2442,7 @@ def test_access_approval_transport_channel_mtls_with_adc(transport_class):
ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred),
):
with mock.patch.object(
- transport_class, "create_channel", autospec=True
+ transport_class, "create_channel"
) as grpc_create_channel:
mock_grpc_channel = mock.Mock()
grpc_create_channel.return_value = mock_grpc_channel